diff options
| author | Stephen Smalley <sds@tycho.nsa.gov> | 2014-02-19 09:16:17 -0500 |
|---|---|---|
| committer | Stephen Smalley <sds@tycho.nsa.gov> | 2014-02-19 16:11:48 -0500 |
| commit | 9eb9c9327563014ad6a807814e7975424642d5b9 (patch) | |
| tree | 050b6180a59af9ee7622c80171d734f319c178f0 /libselinux/src | |
| parent | 1cb368636bdaf465cd63178a0692db38865e943b (diff) | |
| download | android_external_selinux-9eb9c9327563014ad6a807814e7975424642d5b9.tar.gz android_external_selinux-9eb9c9327563014ad6a807814e7975424642d5b9.tar.bz2 android_external_selinux-9eb9c9327563014ad6a807814e7975424642d5b9.zip | |
Get rid of security_context_t and fix const declarations.
In attempting to enable building various part of Android with -Wall -Werror,
we found that the const security_context_t declarations in libselinux
are incorrect; const char * was intended, but const security_context_t
translates to char * const and triggers warnings on passing
const char * from the caller. Easiest fix is to replace them all with
const char *. And while we are at it, just get rid of all usage of
security_context_t itself as it adds no value - there is no true
encapsulation of the security context strings and callers already
directly use string functions on them. typedef left to permit
building legacy users until such a time as all are updated.
This is a port of Change-Id I2f9df7bb9f575f76024c3e5f5b660345da2931a7
from Android, augmented to deal with all of the other code in upstream
libselinux and updating the man pages too.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'libselinux/src')
39 files changed, 204 insertions, 204 deletions
diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c index ec946bb2..c91b65e6 100644 --- a/libselinux/src/audit2why.c +++ b/libselinux/src/audit2why.c @@ -300,8 +300,8 @@ static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) { static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args) { char *reason_buf = NULL; - security_context_t scon; - security_context_t tcon; + char * scon; + char * tcon; char *tclassstr; PyObject *listObj; PyObject *strObj; diff --git a/libselinux/src/avc.c b/libselinux/src/avc.c index 1f7aca9f..2bd7d134 100644 --- a/libselinux/src/avc.c +++ b/libselinux/src/avc.c @@ -67,7 +67,7 @@ static inline int avc_hash(security_id_t ssid, & (AVC_CACHE_SLOTS - 1); } -int avc_context_to_sid_raw(const security_context_t ctx, security_id_t * sid) +int avc_context_to_sid_raw(const char * ctx, security_id_t * sid) { int rc; /* avc_init needs to be called before this function */ @@ -79,10 +79,10 @@ int avc_context_to_sid_raw(const security_context_t ctx, security_id_t * sid) return rc; } -int avc_context_to_sid(const security_context_t ctx, security_id_t * sid) +int avc_context_to_sid(const char * ctx, security_id_t * sid) { int ret; - security_context_t rctx; + char * rctx; if (selinux_trans_to_raw_context(ctx, &rctx)) return -1; @@ -94,7 +94,7 @@ int avc_context_to_sid(const security_context_t ctx, security_id_t * sid) return ret; } -int avc_sid_to_context_raw(security_id_t sid, security_context_t * ctx) +int avc_sid_to_context_raw(security_id_t sid, char ** ctx) { int rc; *ctx = NULL; @@ -105,10 +105,10 @@ int avc_sid_to_context_raw(security_id_t sid, security_context_t * ctx) return rc; } -int avc_sid_to_context(security_id_t sid, security_context_t * ctx) +int avc_sid_to_context(security_id_t sid, char ** ctx) { int ret; - security_context_t rctx; + char * rctx; ret = avc_sid_to_context_raw(sid, &rctx); @@ -133,7 +133,7 @@ int sidput(security_id_t sid __attribute__((unused))) int avc_get_initial_sid(const char * name, security_id_t * sid) { int rc; - security_context_t con; + char * con; rc = security_get_initial_context_raw(name, &con); if (rc < 0) @@ -843,7 +843,7 @@ int avc_compute_create(security_id_t ssid, security_id_t tsid, int rc; struct avc_entry_ref aeref; struct avc_entry entry; - security_context_t ctx; + char * ctx; *newsid = NULL; avc_entry_ref_init(&aeref); @@ -891,7 +891,7 @@ int avc_compute_member(security_id_t ssid, security_id_t tsid, security_class_t tclass, security_id_t *newsid) { int rc; - security_context_t ctx = NULL; + char * ctx = NULL; *newsid = NULL; /* avc_init needs to be called before this function */ assert(avc_running); diff --git a/libselinux/src/avc_sidtab.c b/libselinux/src/avc_sidtab.c index 0b696bb8..52f21df8 100644 --- a/libselinux/src/avc_sidtab.c +++ b/libselinux/src/avc_sidtab.c @@ -13,7 +13,7 @@ #include "avc_sidtab.h" #include "avc_internal.h" -static inline unsigned sidtab_hash(security_context_t key) +static inline unsigned sidtab_hash(const char * key) { char *p, *keyp; unsigned int size; @@ -46,18 +46,18 @@ int sidtab_init(struct sidtab *s) return rc; } -int sidtab_insert(struct sidtab *s, const security_context_t ctx) +int sidtab_insert(struct sidtab *s, const char * ctx) { int hvalue, rc = 0; struct sidtab_node *newnode; - security_context_t newctx; + char * newctx; newnode = (struct sidtab_node *)avc_malloc(sizeof(*newnode)); if (!newnode) { rc = -1; goto out; } - newctx = (security_context_t) strdup(ctx); + newctx = (char *) strdup(ctx); if (!newctx) { rc = -1; avc_free(newnode); @@ -76,7 +76,7 @@ int sidtab_insert(struct sidtab *s, const security_context_t ctx) int sidtab_context_to_sid(struct sidtab *s, - const security_context_t ctx, security_id_t * sid) + const char * ctx, security_id_t * sid) { int hvalue, rc = 0; struct sidtab_node *cur; diff --git a/libselinux/src/avc_sidtab.h b/libselinux/src/avc_sidtab.h index 29b5d8b2..bce9b877 100644 --- a/libselinux/src/avc_sidtab.h +++ b/libselinux/src/avc_sidtab.h @@ -25,10 +25,10 @@ struct sidtab { }; int sidtab_init(struct sidtab *s) hidden; -int sidtab_insert(struct sidtab *s, security_context_t ctx) hidden; +int sidtab_insert(struct sidtab *s, const char * ctx) hidden; int sidtab_context_to_sid(struct sidtab *s, - security_context_t ctx, security_id_t * sid) hidden; + const char * ctx, security_id_t * sid) hidden; void sidtab_sid_stats(struct sidtab *s, char *buf, int buflen) hidden; void sidtab_destroy(struct sidtab *s) hidden; diff --git a/libselinux/src/callbacks.c b/libselinux/src/callbacks.c index 7c472227..cdf7b637 100644 --- a/libselinux/src/callbacks.c +++ b/libselinux/src/callbacks.c @@ -33,7 +33,7 @@ default_selinux_audit(void *ptr __attribute__((unused)), } static int -default_selinux_validate(security_context_t *ctx) +default_selinux_validate(char **ctx) { return security_check_context(*ctx); } @@ -60,7 +60,7 @@ int default_selinux_audit; int -(*selinux_validate)(security_context_t *ctx) = +(*selinux_validate)(char **ctx) = default_selinux_validate; int diff --git a/libselinux/src/callbacks.h b/libselinux/src/callbacks.h index 52ad5550..2a572e08 100644 --- a/libselinux/src/callbacks.h +++ b/libselinux/src/callbacks.h @@ -19,7 +19,7 @@ extern int (*selinux_audit) (void *, security_class_t, char *, size_t) hidden; extern int -(*selinux_validate)(security_context_t *ctx) hidden; +(*selinux_validate)(char **ctx) hidden; extern int (*selinux_netlink_setenforce) (int enforcing) hidden; diff --git a/libselinux/src/canonicalize_context.c b/libselinux/src/canonicalize_context.c index 176c45aa..7cf31395 100644 --- a/libselinux/src/canonicalize_context.c +++ b/libselinux/src/canonicalize_context.c @@ -9,8 +9,8 @@ #include "policy.h" #include <limits.h> -int security_canonicalize_context_raw(const security_context_t con, - security_context_t * canoncon) +int security_canonicalize_context_raw(const char * con, + char ** canoncon) { char path[PATH_MAX]; char *buf; @@ -62,12 +62,12 @@ int security_canonicalize_context_raw(const security_context_t con, hidden_def(security_canonicalize_context_raw) -int security_canonicalize_context(const security_context_t con, - security_context_t * canoncon) +int security_canonicalize_context(const char * con, + char ** canoncon) { int ret; - security_context_t rcon; - security_context_t rcanoncon; + char * rcon; + char * rcanoncon; if (selinux_trans_to_raw_context(con, &rcon)) return -1; diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c index aaebb949..4d70ebe7 100644 --- a/libselinux/src/checkAccess.c +++ b/libselinux/src/checkAccess.c @@ -15,7 +15,7 @@ static void avc_init_once(void) avc_open(NULL, 0); } -int selinux_check_access(const security_context_t scon, const security_context_t tcon, const char *class, const char *perm, void *aux) { +int selinux_check_access(const char *scon, const char *tcon, const char *class, const char *perm, void *aux) { int rc; security_id_t scon_id; security_id_t tcon_id; @@ -59,7 +59,7 @@ int selinux_check_access(const security_context_t scon, const security_context_t int selinux_check_passwd_access(access_vector_t requested) { int status = -1; - security_context_t user_context; + char *user_context; if (is_selinux_enabled() == 0) return 0; if (getprevcon_raw(&user_context) == 0) { diff --git a/libselinux/src/check_context.c b/libselinux/src/check_context.c index 33ab5e31..52063fac 100644 --- a/libselinux/src/check_context.c +++ b/libselinux/src/check_context.c @@ -9,7 +9,7 @@ #include "policy.h" #include <limits.h> -int security_check_context_raw(const security_context_t con) +int security_check_context_raw(const char * con) { char path[PATH_MAX]; int fd, ret; @@ -33,10 +33,10 @@ int security_check_context_raw(const security_context_t con) hidden_def(security_check_context_raw) -int security_check_context(const security_context_t con) +int security_check_context(const char * con) { int ret; - security_context_t rcon; + char * rcon; if (selinux_trans_to_raw_context(con, &rcon)) return -1; diff --git a/libselinux/src/compute_av.c b/libselinux/src/compute_av.c index 5962c0b5..937e5c3e 100644 --- a/libselinux/src/compute_av.c +++ b/libselinux/src/compute_av.c @@ -10,8 +10,8 @@ #include "policy.h" #include "mapping.h" -int security_compute_av_flags_raw(const security_context_t scon, - const security_context_t tcon, +int security_compute_av_flags_raw(const char * scon, + const char * tcon, security_class_t tclass, access_vector_t requested, struct av_decision *avd) @@ -74,8 +74,8 @@ int security_compute_av_flags_raw(const security_context_t scon, hidden_def(security_compute_av_flags_raw) -int security_compute_av_raw(const security_context_t scon, - const security_context_t tcon, +int security_compute_av_raw(const char * scon, + const char * tcon, security_class_t tclass, access_vector_t requested, struct av_decision *avd) @@ -101,14 +101,14 @@ int security_compute_av_raw(const security_context_t scon, hidden_def(security_compute_av_raw) -int security_compute_av_flags(const security_context_t scon, - const security_context_t tcon, +int security_compute_av_flags(const char * scon, + const char * tcon, security_class_t tclass, access_vector_t requested, struct av_decision *avd) { - security_context_t rscon; - security_context_t rtcon; + char * rscon; + char * rtcon; int ret; if (selinux_trans_to_raw_context(scon, &rscon)) @@ -128,8 +128,8 @@ int security_compute_av_flags(const security_context_t scon, hidden_def(security_compute_av_flags) -int security_compute_av(const security_context_t scon, - const security_context_t tcon, +int security_compute_av(const char * scon, + const char * tcon, security_class_t tclass, access_vector_t requested, struct av_decision *avd) { diff --git a/libselinux/src/compute_create.c b/libselinux/src/compute_create.c index 3c05be32..9559d421 100644 --- a/libselinux/src/compute_create.c +++ b/libselinux/src/compute_create.c @@ -48,11 +48,11 @@ static int object_name_encode(const char *objname, char *buffer, size_t buflen) return 0; } -int security_compute_create_name_raw(const security_context_t scon, - const security_context_t tcon, +int security_compute_create_name_raw(const char * scon, + const char * tcon, security_class_t tclass, const char *objname, - security_context_t * newcon) + char ** newcon) { char path[PATH_MAX]; char *buf; @@ -107,26 +107,26 @@ int security_compute_create_name_raw(const security_context_t scon, } hidden_def(security_compute_create_name_raw) -int security_compute_create_raw(const security_context_t scon, - const security_context_t tcon, +int security_compute_create_raw(const char * scon, + const char * tcon, security_class_t tclass, - security_context_t * newcon) + char ** newcon) { return security_compute_create_name_raw(scon, tcon, tclass, NULL, newcon); } hidden_def(security_compute_create_raw) -int security_compute_create_name(const security_context_t scon, - const security_context_t tcon, +int security_compute_create_name(const char * scon, + const char * tcon, security_class_t tclass, const char *objname, - security_context_t * newcon) + char ** newcon) { int ret; - security_context_t rscon; - security_context_t rtcon; - security_context_t rnewcon; + char * rscon; + char * rtcon; + char * rnewcon; if (selinux_trans_to_raw_context(scon, &rscon)) return -1; @@ -148,10 +148,10 @@ int security_compute_create_name(const security_context_t scon, } hidden_def(security_compute_create_name) -int security_compute_create(const security_context_t scon, - const security_context_t tcon, +int security_compute_create(const char * scon, + const char * tcon, security_class_t tclass, - security_context_t * newcon) + char ** newcon) { return security_compute_create_name(scon, tcon, tclass, NULL, newcon); } diff --git a/libselinux/src/compute_member.c b/libselinux/src/compute_member.c index dad0a775..1fc7e41a 100644 --- a/libselinux/src/compute_member.c +++ b/libselinux/src/compute_member.c @@ -10,10 +10,10 @@ #include "policy.h" #include "mapping.h" -int security_compute_member_raw(const security_context_t scon, - const security_context_t tcon, +int security_compute_member_raw(const char * scon, + const char * tcon, security_class_t tclass, - security_context_t * newcon) + char ** newcon) { char path[PATH_MAX]; char *buf; @@ -62,15 +62,15 @@ int security_compute_member_raw(const security_context_t scon, hidden_def(security_compute_member_raw) -int security_compute_member(const security_context_t scon, - const security_context_t tcon, +int security_compute_member(const char * scon, + const char * tcon, security_class_t tclass, - security_context_t * newcon) + char ** newcon) { int ret; - security_context_t rscon; - security_context_t rtcon; - security_context_t rnewcon; + char * rscon; + char * rtcon; + char * rnewcon; if (selinux_trans_to_raw_context(scon, &rscon)) return -1; diff --git a/libselinux/src/compute_relabel.c b/libselinux/src/compute_relabel.c index 656f00af..4615aee4 100644 --- a/libselinux/src/compute_relabel.c +++ b/libselinux/src/compute_relabel.c @@ -10,10 +10,10 @@ #include "policy.h" #include "mapping.h" -int security_compute_relabel_raw(const security_context_t scon, - const security_context_t tcon, +int security_compute_relabel_raw(const char * scon, + const char * tcon, security_class_t tclass, - security_context_t * newcon) + char ** newcon) { char path[PATH_MAX]; char *buf; @@ -62,15 +62,15 @@ int security_compute_relabel_raw(const security_context_t scon, hidden_def(security_compute_relabel_raw) -int security_compute_relabel(const security_context_t scon, - const security_context_t tcon, +int security_compute_relabel(const char * scon, + const char * tcon, security_class_t tclass, - security_context_t * newcon) + char ** newcon) { int ret; - security_context_t rscon; - security_context_t rtcon; - security_context_t rnewcon; + char * rscon; + char * rtcon; + char * rnewcon; if (selinux_trans_to_raw_context(scon, &rscon)) return -1; diff --git a/libselinux/src/compute_user.c b/libselinux/src/compute_user.c index 3b39ddd1..b37c5d33 100644 --- a/libselinux/src/compute_user.c +++ b/libselinux/src/compute_user.c @@ -9,8 +9,8 @@ #include "policy.h" #include <limits.h> -int security_compute_user_raw(const security_context_t scon, - const char *user, security_context_t ** con) +int security_compute_user_raw(const char * scon, + const char *user, char *** con) { char path[PATH_MAX]; char **ary; @@ -79,11 +79,11 @@ int security_compute_user_raw(const security_context_t scon, hidden_def(security_compute_user_raw) -int security_compute_user(const security_context_t scon, - const char *user, security_context_t ** con) +int security_compute_user(const char * scon, + const char *user, char *** con) { int ret; - security_context_t rscon; + char * rscon; if (selinux_trans_to_raw_context(scon, &rscon)) return -1; @@ -92,7 +92,7 @@ int security_compute_user(const security_context_t scon, freecon(rscon); if (!ret) { - security_context_t *ptr, tmpcon; + char **ptr, *tmpcon; for (ptr = *con; *ptr; ptr++) { if (selinux_raw_to_trans_context(*ptr, &tmpcon)) { freeconary(*con); diff --git a/libselinux/src/enabled.c b/libselinux/src/enabled.c index 018c7879..5c252dd1 100644 --- a/libselinux/src/enabled.c +++ b/libselinux/src/enabled.c @@ -12,7 +12,7 @@ int is_selinux_enabled(void) { int enabled = 0; - security_context_t con; + char * con; /* init_selinuxmnt() gets called before this function. We * will assume that if a selinux file system is mounted, then diff --git a/libselinux/src/fgetfilecon.c b/libselinux/src/fgetfilecon.c index 3395c9f9..3954e644 100644 --- a/libselinux/src/fgetfilecon.c +++ b/libselinux/src/fgetfilecon.c @@ -7,7 +7,7 @@ #include "selinux_internal.h" #include "policy.h" -int fgetfilecon_raw(int fd, security_context_t * context) +int fgetfilecon_raw(int fd, char ** context) { char *buf; ssize_t size; @@ -51,9 +51,9 @@ int fgetfilecon_raw(int fd, security_context_t * context) hidden_def(fgetfilecon_raw) -int fgetfilecon(int fd, security_context_t * context) +int fgetfilecon(int fd, char ** context) { - security_context_t rcontext; + char * rcontext; int ret; *context = NULL; diff --git a/libselinux/src/freecon.c b/libselinux/src/freecon.c index 3ec4fe2b..5290dfa1 100644 --- a/libselinux/src/freecon.c +++ b/libselinux/src/freecon.c @@ -3,7 +3,7 @@ #include <stdlib.h> #include <errno.h> -void freecon(security_context_t con) +void freecon(char * con) { free(con); } diff --git a/libselinux/src/freeconary.c b/libselinux/src/freeconary.c index 835f5bc8..8d07718e 100644 --- a/libselinux/src/freeconary.c +++ b/libselinux/src/freeconary.c @@ -3,7 +3,7 @@ #include <stdlib.h> #include <errno.h> -void freeconary(security_context_t * con) +void freeconary(char ** con) { char **ptr; diff --git a/libselinux/src/fsetfilecon.c b/libselinux/src/fsetfilecon.c index 9963f7ab..52707d05 100644 --- a/libselinux/src/fsetfilecon.c +++ b/libselinux/src/fsetfilecon.c @@ -7,12 +7,12 @@ #include "selinux_internal.h" #include "policy.h" -int fsetfilecon_raw(int fd, const security_context_t context) +int fsetfilecon_raw(int fd, const char * context) { int rc = fsetxattr(fd, XATTR_NAME_SELINUX, context, strlen(context) + 1, 0); if (rc < 0 && errno == ENOTSUP) { - security_context_t ccontext = NULL; + char * ccontext = NULL; int err = errno; if ((fgetfilecon_raw(fd, &ccontext) >= 0) && (strcmp(context,ccontext) == 0)) { @@ -27,10 +27,10 @@ int fsetfilecon_raw(int fd, const security_context_t context) hidden_def(fsetfilecon_raw) -int fsetfilecon(int fd, const security_context_t context) +int fsetfilecon(int fd, const char *context) { int ret; - security_context_t rcontext; + char * rcontext; if (selinux_trans_to_raw_context(context, &rcontext)) return -1; diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c index 1d911234..f3fa4a9b 100644 --- a/libselinux/src/get_context_list.c +++ b/libselinux/src/get_context_list.c @@ -12,10 +12,10 @@ int get_default_context_with_role(const char *user, const char *role, - security_context_t fromcon, - security_context_t * newcon) + char * fromcon, + char ** newcon) { - security_context_t *conary; + char **conary; char **ptr; context_t con; const char *role2; @@ -56,8 +56,8 @@ hidden_def(get_default_context_with_role) int get_default_context_with_rolelevel(const char *user, const char *role, const char *level, - security_context_t fromcon, - security_context_t * newcon) + char * fromcon, + char ** newcon) { int rc = 0; @@ -98,9 +98,9 @@ int get_default_context_with_rolelevel(const char *user, } int get_default_context(const char *user, - security_context_t fromcon, security_context_t * newcon) + char * fromcon, char ** newcon) { - security_context_t *conary; + char **conary; int rc; rc = get_ordered_context_list(user, fromcon, &conary); @@ -114,7 +114,7 @@ int get_default_context(const char *user, return 0; } -static int find_partialcon(security_context_t * list, +static int find_partialcon(char ** list, unsigned int nreach, char *part) { const char *conrole, *contype; @@ -155,8 +155,8 @@ static int find_partialcon(security_context_t * list, } static int get_context_order(FILE * fp, - security_context_t fromcon, - security_context_t * reachable, + char * fromcon, + char ** reachable, unsigned int nreach, unsigned int *ordering, unsigned int *nordered) { @@ -268,7 +268,7 @@ static int get_context_order(FILE * fp, return rc; } -static int get_failsafe_context(const char *user, security_context_t * newcon) +static int get_failsafe_context(const char *user, char ** newcon) { FILE *fp; char buf[255], *ptr; @@ -314,7 +314,7 @@ static int get_failsafe_context(const char *user, security_context_t * newcon) } struct context_order { - security_context_t con; + char * con; unsigned int order; }; @@ -330,8 +330,8 @@ static int order_compare(const void *A, const void *B) int get_ordered_context_list_with_level(const char *user, const char *level, - security_context_t fromcon, - security_context_t ** list) + char * fromcon, + char *** list) { int rc; int freefrom = 0; @@ -373,10 +373,10 @@ hidden_def(get_ordered_context_list_with_level) int get_default_context_with_level(const char *user, const char *level, - security_context_t fromcon, - security_context_t * newcon) + char * fromcon, + char ** newcon) { - security_context_t *conary; + char **conary; int rc; rc = get_ordered_context_list_with_level(user, level, fromcon, &conary); @@ -391,10 +391,10 @@ int get_default_context_with_level(const char *user, } int get_ordered_context_list(const char *user, - security_context_t fromcon, - security_context_t ** list) + char * fromcon, + char *** list) { - security_context_t *reachable = NULL; + char **reachable = NULL; unsigned int *ordering = NULL; struct context_order *co = NULL; char **ptr; @@ -507,7 +507,7 @@ int get_ordered_context_list(const char *user, the "failsafe" context to at least permit root login for emergency recovery if possible. */ freeconary(reachable); - reachable = malloc(2 * sizeof(security_context_t)); + reachable = malloc(2 * sizeof(char *)); if (!reachable) { rc = -1; goto out; diff --git a/libselinux/src/get_initial_context.c b/libselinux/src/get_initial_context.c index 16764354..522ed78f 100644 --- a/libselinux/src/get_initial_context.c +++ b/libselinux/src/get_initial_context.c @@ -11,7 +11,7 @@ #define SELINUX_INITCON_DIR "/initial_contexts/" -int security_get_initial_context_raw(const char * name, security_context_t * con) +int security_get_initial_context_raw(const char * name, char ** con) { char path[PATH_MAX]; char *buf; @@ -55,10 +55,10 @@ int security_get_initial_context_raw(const char * name, security_context_t * con hidden_def(security_get_initial_context_raw) -int security_get_initial_context(const char * name, security_context_t * con) +int security_get_initial_context(const char * name, char ** con) { int ret; - security_context_t rcon; + char * rcon; ret = security_get_initial_context_raw(name, &rcon); if (!ret) { diff --git a/libselinux/src/getfilecon.c b/libselinux/src/getfilecon.c index eb2ce8a4..5d4d4835 100644 --- a/libselinux/src/getfilecon.c +++ b/libselinux/src/getfilecon.c @@ -7,7 +7,7 @@ #include <sys/xattr.h> #include "policy.h" -int getfilecon_raw(const char *path, security_context_t * context) +int getfilecon_raw(const char *path, char ** context) { char *buf; ssize_t size; @@ -51,10 +51,10 @@ int getfilecon_raw(const char *path, security_context_t * context) hidden_def(getfilecon_raw) -int getfilecon(const char *path, security_context_t * context) +int getfilecon(const char *path, char ** context) { int ret; - security_context_t rcontext; + char * rcontext; *context = NULL; diff --git a/libselinux/src/getpeercon.c b/libselinux/src/getpeercon.c index 5c01ed50..3a77a2de 100644 --- a/libselinux/src/getpeercon.c +++ b/libselinux/src/getpeercon.c @@ -11,7 +11,7 @@ #define SO_PEERSEC 31 #endif -int getpeercon_raw(int fd, security_context_t * context) +int getpeercon_raw(int fd, char ** context) { char *buf; socklen_t size; @@ -45,10 +45,10 @@ int getpeercon_raw(int fd, security_context_t * context) hidden_def(getpeercon_raw) -int getpeercon(int fd, security_context_t * context) +int getpeercon(int fd, char ** context) { int ret; - security_context_t rcontext; + char * rcontext; ret = getpeercon_raw(fd, &rcontext); diff --git a/libselinux/src/is_customizable_type.c b/libselinux/src/is_customizable_type.c index a8e2183e..0b33edc6 100644 --- a/libselinux/src/is_customizable_type.c +++ b/libselinux/src/is_customizable_type.c @@ -9,12 +9,12 @@ #include "selinux_internal.h" #include "context_internal.h" -static int get_customizable_type_list(security_context_t ** retlist) +static int get_customizable_type_list(char *** retlist) { FILE *fp; char *buf; unsigned int ctr = 0, i; - security_context_t *list = NULL; + char **list = NULL; fp = fopen(selinux_customizable_types_path(), "r"); if (!fp) @@ -31,14 +31,14 @@ static int get_customizable_type_list(security_context_t ** retlist) rewind(fp); if (ctr) { list = - (security_context_t *) calloc(sizeof(security_context_t), + (char **) calloc(sizeof(char *), ctr + 1); if (list) { i = 0; while (fgets_unlocked(buf, selinux_page_size, fp) && i < ctr) { buf[strlen(buf) - 1] = 0; - list[i] = (security_context_t) strdup(buf); + list[i] = (char *) strdup(buf); if (!list[i]) { unsigned int j; for (j = 0; j < i; j++) @@ -59,9 +59,9 @@ static int get_customizable_type_list(security_context_t ** retlist) return 0; } -static security_context_t *customizable_list = NULL; +static char **customizable_list = NULL; -int is_context_customizable(const security_context_t scontext) +int is_context_customizable(const char * scontext) { int i; const char *type; diff --git a/libselinux/src/label.c b/libselinux/src/label.c index 8341e8ca..c3c099e4 100644 --- a/libselinux/src/label.c +++ b/libselinux/src/label.c @@ -230,7 +230,7 @@ selabel_lookup_common(struct selabel_handle *rec, int translating, return lr; } -int selabel_lookup(struct selabel_handle *rec, security_context_t *con, +int selabel_lookup(struct selabel_handle *rec, char **con, const char *key, int type) { struct selabel_lookup_rec *lr; @@ -243,7 +243,7 @@ int selabel_lookup(struct selabel_handle *rec, security_context_t *con, return *con ? 0 : -1; } -int selabel_lookup_raw(struct selabel_handle *rec, security_context_t *con, +int selabel_lookup_raw(struct selabel_handle *rec, char **con, const char *key, int type) { struct selabel_lookup_rec *lr; diff --git a/libselinux/src/label_internal.h b/libselinux/src/label_internal.h index b6ae1401..a1fa4fdc 100644 --- a/libselinux/src/label_internal.h +++ b/libselinux/src/label_internal.h @@ -42,8 +42,8 @@ extern struct selabel_sub *selabel_subs_init(const char *path, struct selabel_sub *list); struct selabel_lookup_rec { - security_context_t ctx_raw; - security_context_t ctx_trans; + char * ctx_raw; + char * ctx_trans; int validated; }; diff --git a/libselinux/src/lgetfilecon.c b/libselinux/src/lgetfilecon.c index 58dc8071..478e0c6b 100644 --- a/libselinux/src/lgetfilecon.c +++ b/libselinux/src/lgetfilecon.c @@ -7,7 +7,7 @@ #include "selinux_internal.h" #include "policy.h" -int lgetfilecon_raw(const char *path, security_context_t * context) +int lgetfilecon_raw(const char *path, char ** context) { char *buf; ssize_t size; @@ -51,10 +51,10 @@ int lgetfilecon_raw(const char *path, security_context_t * context) hidden_def(lgetfilecon_raw) -int lgetfilecon(const char *path, security_context_t * context) +int lgetfilecon(const char *path, char ** context) { int ret; - security_context_t rcontext; + char * rcontext; *context = NULL; diff --git a/libselinux/src/lsetfilecon.c b/libselinux/src/lsetfilecon.c index fd9bb261..1d3b28a1 100644 --- a/libselinux/src/lsetfilecon.c +++ b/libselinux/src/lsetfilecon.c @@ -7,12 +7,12 @@ #include "selinux_internal.h" #include "policy.h" -int lsetfilecon_raw(const char *path, const security_context_t context) +int lsetfilecon_raw(const char *path, const char * context) { int rc = lsetxattr(path, XATTR_NAME_SELINUX, context, strlen(context) + 1, 0); if (rc < 0 && errno == ENOTSUP) { - security_context_t ccontext = NULL; + char * ccontext = NULL; int err = errno; if ((lgetfilecon_raw(path, &ccontext) >= 0) && (strcmp(context,ccontext) == 0)) { @@ -27,10 +27,10 @@ int lsetfilecon_raw(const char *path, const security_context_t context) hidden_def(lsetfilecon_raw) -int lsetfilecon(const char *path, const security_context_t context) +int lsetfilecon(const char *path, const char *context) { int ret; - security_context_t rcontext; + char * rcontext; if (selinux_trans_to_raw_context(context, &rcontext)) return -1; diff --git a/libselinux/src/matchmediacon.c b/libselinux/src/matchmediacon.c index f4699d9a..46cba468 100644 --- a/libselinux/src/matchmediacon.c +++ b/libselinux/src/matchmediacon.c @@ -11,7 +11,7 @@ #include <regex.h> #include <stdarg.h> -int matchmediacon(const char *media, security_context_t * con) +int matchmediacon(const char *media, char ** con) { const char *path = selinux_media_context_path(); FILE *infile; diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c index 2d7369e5..3b96b1d6 100644 --- a/libselinux/src/matchpathcon.c +++ b/libselinux/src/matchpathcon.c @@ -406,7 +406,7 @@ out: return rc; } -int matchpathcon(const char *path, mode_t mode, security_context_t * con) +int matchpathcon(const char *path, mode_t mode, char ** con) { char stackpath[PATH_MAX + 1]; char *p = NULL; @@ -427,7 +427,7 @@ int matchpathcon(const char *path, mode_t mode, security_context_t * con) selabel_lookup(hnd, con, path, mode); } -int matchpathcon_index(const char *name, mode_t mode, security_context_t * con) +int matchpathcon_index(const char *name, mode_t mode, char ** con) { int i = matchpathcon(name, mode, con); @@ -444,8 +444,8 @@ void matchpathcon_checkmatches(char *str __attribute__((unused))) /* Compare two contexts to see if their differences are "significant", * or whether the only difference is in the user. */ -int selinux_file_context_cmp(const security_context_t a, - const security_context_t b) +int selinux_file_context_cmp(const char * a, + const char * b) { char *rest_a, *rest_b; /* Rest of the context after the user */ if (!a && !b) @@ -467,8 +467,8 @@ int selinux_file_context_cmp(const security_context_t a, int selinux_file_context_verify(const char *path, mode_t mode) { - security_context_t con = NULL; - security_context_t fcontext = NULL; + char * con = NULL; + char * fcontext = NULL; int rc = 0; rc = lgetfilecon_raw(path, &con); @@ -506,7 +506,7 @@ int selinux_lsetfilecon_default(const char *path) { struct stat st; int rc = -1; - security_context_t scontext = NULL; + char * scontext = NULL; if (lstat(path, &st) != 0) return rc; diff --git a/libselinux/src/procattr.c b/libselinux/src/procattr.c index 9fa61380..f9903505 100644 --- a/libselinux/src/procattr.c +++ b/libselinux/src/procattr.c @@ -9,15 +9,15 @@ #include "selinux_internal.h" #include "policy.h" -#define UNSET (const security_context_t) -1 +#define UNSET (char *) -1 static __thread pid_t cpid; static __thread pid_t tid; -static __thread security_context_t prev_current = UNSET; -static __thread security_context_t prev_exec = UNSET; -static __thread security_context_t prev_fscreate = UNSET; -static __thread security_context_t prev_keycreate = UNSET; -static __thread security_context_t prev_sockcreate = UNSET; +static __thread char *prev_current = UNSET; +static __thread char * prev_exec = UNSET; +static __thread char * prev_fscreate = UNSET; +static __thread char * prev_keycreate = UNSET; +static __thread char * prev_sockcreate = UNSET; static pthread_once_t once = PTHREAD_ONCE_INIT; static pthread_key_t destructor_key; @@ -107,7 +107,7 @@ static int openattr(pid_t pid, const char *attr, int flags) return fd; } -static int getprocattrcon_raw(security_context_t * context, +static int getprocattrcon_raw(char ** context, pid_t pid, const char *attr) { char *buf; @@ -115,7 +115,7 @@ static int getprocattrcon_raw(security_context_t * context, int fd; ssize_t ret; int errno_hold; - security_context_t prev_context; + char * prev_context; __selinux_once(once, init_procattr); init_thread_destructor(); @@ -193,11 +193,11 @@ static int getprocattrcon_raw(security_context_t * context, return ret; } -static int getprocattrcon(security_context_t * context, +static int getprocattrcon(char ** context, pid_t pid, const char *attr) { int ret; - security_context_t rcontext; + char * rcontext; ret = getprocattrcon_raw(&rcontext, pid, attr); @@ -209,13 +209,13 @@ static int getprocattrcon(security_context_t * context, return ret; } -static int setprocattrcon_raw(security_context_t context, +static int setprocattrcon_raw(const char * context, pid_t pid, const char *attr) { int fd; ssize_t ret; int errno_hold; - security_context_t *prev_context; + char **prev_context, *context2 = NULL; __selinux_once(once, init_procattr); init_thread_destructor(); @@ -255,11 +255,11 @@ static int setprocattrcon_raw(security_context_t context, return -1; if (context) { ret = -1; - context = strdup(context); - if (!context) + context2 = strdup(context); + if (!context2) goto out; do { - ret = write(fd, context, strlen(context) + 1); + ret = write(fd, context2, strlen(context2) + 1); } while (ret < 0 && errno == EINTR); } else { do { @@ -271,21 +271,21 @@ out: close(fd); errno = errno_hold; if (ret < 0) { - free(context); + free(context2); return -1; } else { if (*prev_context != UNSET) free(*prev_context); - *prev_context = context; + *prev_context = context2; return 0; } } -static int setprocattrcon(const security_context_t context, +static int setprocattrcon(const char * context, pid_t pid, const char *attr) { int ret; - security_context_t rcontext; + char * rcontext; if (selinux_trans_to_raw_context(context, &rcontext)) return -1; @@ -298,21 +298,21 @@ static int setprocattrcon(const security_context_t context, } #define getselfattr_def(fn, attr) \ - int get##fn##_raw(security_context_t *c) \ + int get##fn##_raw(char **c) \ { \ return getprocattrcon_raw(c, 0, #attr); \ } \ - int get##fn(security_context_t *c) \ + int get##fn(char **c) \ { \ return getprocattrcon(c, 0, #attr); \ } #define setselfattr_def(fn, attr) \ - int set##fn##_raw(const security_context_t c) \ + int set##fn##_raw(const char * c) \ { \ return setprocattrcon_raw(c, 0, #attr); \ } \ - int set##fn(const security_context_t c) \ + int set##fn(const char * c) \ { \ return setprocattrcon(c, 0, #attr); \ } @@ -322,11 +322,11 @@ static int setprocattrcon(const security_context_t context, setselfattr_def(fn, attr) #define getpidattr_def(fn, attr) \ - int get##fn##_raw(pid_t pid, security_context_t *c) \ + int get##fn##_raw(pid_t pid, char **c) \ { \ return getprocattrcon_raw(c, pid, #attr); \ } \ - int get##fn(pid_t pid, security_context_t *c) \ + int get##fn(pid_t pid, char **c) \ { \ return getprocattrcon(c, pid, #attr); \ } diff --git a/libselinux/src/query_user_context.c b/libselinux/src/query_user_context.c index dcfc1b0f..b8125c96 100644 --- a/libselinux/src/query_user_context.c +++ b/libselinux/src/query_user_context.c @@ -9,7 +9,7 @@ * to the user. Returns the number (position in the list) of * the user selected context. */ -static int context_menu(security_context_t * list) +static int context_menu(char ** list) { int i; /* array index */ int choice = 0; /* index of the user's choice */ @@ -35,7 +35,7 @@ static int context_menu(security_context_t * list) * default is the first context in the list. Returns 0 on * success, -1 on failure */ -int query_user_context(security_context_t * list, security_context_t * usercon) +int query_user_context(char ** list, char ** usercon) { char response[10]; /* The user's response */ int choice; /* The index in the list of the sid chosen by @@ -103,7 +103,7 @@ static void get_field(const char *fieldstr, char *newfield, int newfieldlen) * context chosen by the user into usercon. Returns 0 * on success. */ -int manual_user_enter_context(const char *user, security_context_t * newcon) +int manual_user_enter_context(const char *user, char ** newcon) { char response[10]; /* Used to get yes or no answers from user */ char role[100]; /* The role requested by the user */ diff --git a/libselinux/src/selinux_check_securetty_context.c b/libselinux/src/selinux_check_securetty_context.c index e6d25017..24e5e2c0 100644 --- a/libselinux/src/selinux_check_securetty_context.c +++ b/libselinux/src/selinux_check_securetty_context.c @@ -6,7 +6,7 @@ #include "selinux_internal.h" #include "context_internal.h" -int selinux_check_securetty_context(const security_context_t tty_context) +int selinux_check_securetty_context(const char * tty_context) { char *line = NULL; char *start, *end = NULL; diff --git a/libselinux/src/selinuxswig.i b/libselinux/src/selinuxswig.i index 74b10322..969863a9 100644 --- a/libselinux/src/selinuxswig.i +++ b/libselinux/src/selinuxswig.i @@ -34,11 +34,11 @@ } } -%typemap(in, numinputs=0) (security_context_t **) (security_context_t *temp) { +%typemap(in, numinputs=0) (char ***) (char **temp) { $1 = &temp; } -%typemap(freearg) (security_context_t **) { +%typemap(freearg) (char ***) { if (*$1) freeconary(*$1); } diff --git a/libselinux/src/selinuxswig_python.i b/libselinux/src/selinuxswig_python.i index 98844547..ae72246f 100644 --- a/libselinux/src/selinuxswig_python.i +++ b/libselinux/src/selinuxswig_python.i @@ -83,7 +83,7 @@ def install(src, dest): } /* Makes security_compute_user() return a Python list of contexts */ -%typemap(argout) (security_context_t **con) { +%typemap(argout) (char ***con) { PyObject* plist; int i, len = 0; @@ -104,7 +104,7 @@ def install(src, dest): } /* Makes functions in get_context_list.h return a Python list of contexts */ -%typemap(argout) (security_context_t **list) { +%typemap(argout) (char ***list) { PyObject* plist; int i; @@ -122,11 +122,11 @@ def install(src, dest): $result = plist; } -%typemap(in,noblock=1,numinputs=0) security_context_t * (security_context_t temp = 0) { +%typemap(in,noblock=1,numinputs=0) char ** (char * temp = 0) { $1 = &temp; } -%typemap(freearg,match="in") security_context_t * ""; -%typemap(argout,noblock=1) security_context_t * { +%typemap(freearg,match="in") char ** ""; +%typemap(argout,noblock=1) char ** { if (*$1) { %append_output(SWIG_FromCharPtr(*$1)); freecon(*$1); diff --git a/libselinux/src/selinuxswig_ruby.i b/libselinux/src/selinuxswig_ruby.i index e46826bf..12d63c4b 100644 --- a/libselinux/src/selinuxswig_ruby.i +++ b/libselinux/src/selinuxswig_ruby.i @@ -18,11 +18,11 @@ $1 = &temp; } -%typemap(in,noblock=1,numinputs=0) security_context_t * (security_context_t temp = 0) { +%typemap(in,noblock=1,numinputs=0) char ** (char * temp = 0) { $1 = &temp; } -%typemap(freearg,match="in") security_context_t * ""; -%typemap(argout,noblock=1) security_context_t * { +%typemap(freearg,match="in") char ** ""; +%typemap(argout,noblock=1) char ** { if (*$1) { %append_output(SWIG_FromCharPtr(*$1)); freecon(*$1); diff --git a/libselinux/src/setexecfilecon.c b/libselinux/src/setexecfilecon.c index b3afa132..e574de10 100644 --- a/libselinux/src/setexecfilecon.c +++ b/libselinux/src/setexecfilecon.c @@ -7,7 +7,7 @@ int setexecfilecon(const char *filename, const char *fallback_type) { - security_context_t mycon = NULL, fcon = NULL, newcon = NULL; + char * mycon = NULL, *fcon = NULL, *newcon = NULL; context_t con = NULL; int rc = 0; diff --git a/libselinux/src/setfilecon.c b/libselinux/src/setfilecon.c index 50cb228f..d05969c6 100644 --- a/libselinux/src/setfilecon.c +++ b/libselinux/src/setfilecon.c @@ -7,12 +7,12 @@ #include "selinux_internal.h" #include "policy.h" -int setfilecon_raw(const char *path, const security_context_t context) +int setfilecon_raw(const char *path, const char * context) { int rc = setxattr(path, XATTR_NAME_SELINUX, context, strlen(context) + 1, 0); if (rc < 0 && errno == ENOTSUP) { - security_context_t ccontext = NULL; + char * ccontext = NULL; int err = errno; if ((getfilecon_raw(path, &ccontext) >= 0) && (strcmp(context,ccontext) == 0)) { @@ -27,10 +27,10 @@ int setfilecon_raw(const char *path, const security_context_t context) hidden_def(setfilecon_raw) -int setfilecon(const char *path, const security_context_t context) +int setfilecon(const char *path, const char *context) { int ret; - security_context_t rcontext; + char * rcontext; if (selinux_trans_to_raw_context(context, &rcontext)) return -1; diff --git a/libselinux/src/setrans_client.c b/libselinux/src/setrans_client.c index f9065bda..d9e87a90 100644 --- a/libselinux/src/setrans_client.c +++ b/libselinux/src/setrans_client.c @@ -26,12 +26,12 @@ static int mls_enabled = -1; // Simple cache -static __thread security_context_t prev_t2r_trans = NULL; -static __thread security_context_t prev_t2r_raw = NULL; -static __thread security_context_t prev_r2t_trans = NULL; -static __thread security_context_t prev_r2t_raw = NULL; +static __thread char * prev_t2r_trans = NULL; +static __thread char * prev_t2r_raw = NULL; +static __thread char * prev_r2t_trans = NULL; +static __thread char * prev_r2t_raw = NULL; static __thread char *prev_r2c_trans = NULL; -static __thread security_context_t prev_r2c_raw = NULL; +static __thread char * prev_r2c_raw = NULL; static pthread_once_t once = PTHREAD_ONCE_INIT; static pthread_key_t destructor_key; @@ -281,8 +281,8 @@ static void init_context_translations(void) mls_enabled = is_selinux_mls_enabled(); } -int selinux_trans_to_raw_context(const security_context_t trans, - security_context_t * rawp) +int selinux_trans_to_raw_context(const char * trans, + char ** rawp) { if (!trans) { *rawp = NULL; @@ -323,8 +323,8 @@ int selinux_trans_to_raw_context(const security_context_t trans, hidden_def(selinux_trans_to_raw_context) -int selinux_raw_to_trans_context(const security_context_t raw, - security_context_t * transp) +int selinux_raw_to_trans_context(const char * raw, + char ** transp) { if (!raw) { *transp = NULL; @@ -365,7 +365,7 @@ int selinux_raw_to_trans_context(const security_context_t raw, hidden_def(selinux_raw_to_trans_context) -int selinux_raw_context_to_color(const security_context_t raw, char **transp) +int selinux_raw_context_to_color(const char * raw, char **transp) { if (!raw) { *transp = NULL; @@ -402,8 +402,8 @@ int selinux_raw_context_to_color(const security_context_t raw, char **transp) hidden_def(selinux_raw_context_to_color) #else /*DISABLE_SETRANS*/ -int selinux_trans_to_raw_context(const security_context_t trans, - security_context_t * rawp) +int selinux_trans_to_raw_context(const char * trans, + char ** rawp) { if (!trans) { *rawp = NULL; @@ -417,8 +417,8 @@ int selinux_trans_to_raw_context(const security_context_t trans, hidden_def(selinux_trans_to_raw_context) -int selinux_raw_to_trans_context(const security_context_t raw, - security_context_t * transp) +int selinux_raw_to_trans_context(const char * raw, + char ** transp) { if (!raw) { *transp = NULL; |